Exploring the Influence of Organizational, Environmental, and Technological Factors on Information Security Policies and Compliance at South African Higher Education Institutions, with a Focus on Implications for Biomedical Research

Oluwafemi Peter Abiodun,Alan Christoffels,Dominique Anderson

doi:10.3390/proceedings2020045002

Oluwafemi Peter Abiodun, Alan Christoffels + Show 1 more

Open Access

https://doi.org/10.3390/proceedings2020045002

Copy DOI

Abstract

Globally, concerns over information security vulnerabilities are growing exponentially, fuelled by several headline reports of data breach incidents, which increase in size with each occurrence. On the Africa continent, South Africa is ranked among the most ‘at-risk’ countries for information security vulnerabilities, having lost approximately fifty billion rands to cybercrime in 2014. South Africa is currently considered to be the most cybercrime-targeted country in Africa. Worldwide, cyber vulnerability incidents greatly affect the education sector, due to the fact that this sector holds more Personal Identifiable Information (PII) than many other sectors. The PII ranges from (but is not limited to) ID numbers and financial account numbers to biomedical research data. In response to growing threats in South Africa, a similar regulation strategy to the European Union General Data Protection Regulation (GDPR), called the Protection of Personal Information Act (POPIA) will be implemented, with a view to mitigating cybercrime and information security vulnerabilities. The extent to which African institutions, and specifically the South African universities, have embraced and respond to these two information security regulations (GDPR and POPIA) is not yet clear and will be a matter of great importance for biomedical researchers. This research study aims to conduct a qualitative exploratory analysis of information security management across three universities in South Africa, by using a Technology, Organizational, and Environmental (TOE) model to investigate the factors which may influence the effectiveness of information security measures. This study is poised to make a significant contribution to the development of a Management Model for security practitioners and a framework for information management of biomedical data.

Highlights

Globally, concerns over information security vulnerabilities are growing exponentially, fuelled by several headline reports of data breach incidents, which increase in size with each occurrence
On the Africa continent, South Africa is ranked among the most ‘at-risk’ countries for information security vulnerabilities, having lost approximately fifty billion rands to cybercrime in 2014
This research study aims to conduct a qualitative exploratory analysis of information security management across three universities in South Africa, by using a Technology, Organizational, and Environmental (TOE) model to investigate the factors which may influence the effectiveness of information security measures

Summary

Introduction

Concerns over information security vulnerabilities are growing exponentially, fuelled by several headline reports of data breach incidents, which increase in size with each occurrence. Exploring the Influence of Organizational, Environmental, and Technological Factors on Information Security Policies and Compliance at South African Higher Education Institutions, with a Focus on Implications for Biomedical Research † Oluwafemi Peter Abiodun, Dominique Anderson and Alan Christoffels *

Objectives

Results

Conclusion